OSINT
Return Home
Click here for OSINT tools.
A Pentester’s Guide – Part 1 (OSINT – Passive Recon and Discovery of Assets)
To kick off this series on offensive security techniques, I am going to begin with what I consider to be the most important aspects of pentesting. Passive Recon and OSINT. Now, do not let the word ‘passive’ fool you. This is no light recon; you can uncover vast amounts of information through passive recon, without ever doing anything intrusive.
A Pentester’s Guide Part 2 (OSINT – LinkedIn is Not Just for Jobs)
If you read the title, which I am sure you have, you’ll know that we’re going to utilize LinkedIn for this. LinkedIn is a very useful tool for enumerating users, and their emails.
SHODAN for Penetration Testers
Defcon talk on SHODAN.
Shodan Pentesting Guide
Shodan is a tool for searching devices connected to the internet. Unlike search engines which help you find websites, Shodan helps you find information about desktops, servers, IoT devices, and more. This information includes metadata such as the software running on each device.
Let me know what you think of this article on twitter @_TheGetch_!